URLhaus Database

Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).

Database Entry

Host:	ewaiguo.com
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Not blocked
AdGuard :	Not blocked
Cloudflare :	Not blocked
ProtonDNS :	Not blocked
OpenBLD :	Not blocked
DNS4EU :	Not blocked
Control D HaGeZi :	Not blocked
Firstseen:	2020-08-11 17:53:15 UTC
Total malware sites :	1
A record(s) observed :	12

IP addresses

The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.

Firstseen (UTC)	IP address	SBL	ASN	Country	Active?
2025-10-15 08:05:24	188.114.96.3	Not listed	AS13335 CLOUDFLARENET	n/a	yes
2025-10-15 08:05:24	188.114.97.3	Not listed	AS13335 CLOUDFLARENET	n/a	yes
2025-08-22 04:32:47	104.26.12.223	Not listed	AS13335 CLOUDFLARENET	n/a	no
2025-08-22 04:32:47	104.26.12.75	Not listed	AS13335 CLOUDFLARENET	n/a	no
2025-08-22 04:32:46	104.26.13.75	Not listed	AS13335 CLOUDFLARENET	n/a	no
2025-08-22 04:32:47	104.26.3.133	Not listed	AS13335 CLOUDFLARENET	n/a	no
2025-08-22 04:32:48	104.26.6.80	Not listed	AS13335 CLOUDFLARENET	n/a	no
2025-08-22 04:32:47	172.67.71.1	Not listed	AS13335 CLOUDFLARENET	n/a	no
2025-08-22 04:32:47	172.67.73.70	Not listed	AS13335 CLOUDFLARENET	n/a	no
2025-06-11 13:34:17	172.65.190.172	Not listed	AS13335 CLOUDFLARENET	n/a	no

The table below shows all malware URLs that are associated with this particular host.

Dateadded (UTC)	URL	Status	Tags	Reporter
2020-08-11 17:53:18	http://ewaiguo.com/zb_users/protected_b92i5yumu...	Offline	doc emotet epoch1 heodo	spamhaus

The table below shows recent payloads delivery by this host.

Firstseen (UTC)	SHA256 hash	File type	Signature
2020-08-13 06:10:53	57fcedf7b710607daf3ff9d1d3f81b02e5597d6a760e10c3af3805702f2e2ec5	doc	Heodo
2020-08-13 04:39:03	059d90ba2fdda046ef59121b28ea19e6e7d5b9560b0ce0dab9234e0b0c93e56b	doc	Heodo
2020-08-13 04:21:49	1dd5d7a44f9459e8c6b9aedd3201e616a357788e0008f048f110c382e7411b54	doc	Heodo
2020-08-13 04:02:34	d16cd96a6382c743e97444d51967f3d83c72ca0618c6d92facad07211712c9be	doc	Heodo
2020-08-13 03:44:53	0920dc57ca08f4f9277d39f3d1b693eb0d12d7fc1c856a1c90689f5151a62dd5	doc	Heodo
2020-08-13 02:14:55	eb6f58b9bb01ec359e16d177bb55152c7a0c1d08ff1fcc302ee5deaeb4288293	doc	Heodo
2020-08-13 00:42:56	ccef51f2aac08b771675329e49226ef621176b8408f1e7f7b72aa4359c3d137d	doc	Heodo
2020-08-12 23:12:28	5aaa39535adf5512408d58dfbf5d54f364b46a2ed6bd258250858b08f2d13e3d	doc	Heodo
2020-08-12 22:54:40	93038076936e036e53a02867d6ec372304df2638bd700bb923f54bd20c5f2f7f	doc	Heodo
2020-08-12 20:43:32	986acc515daf31c8bd8d424f27e1307eab1f51a043c896ffeb2cd94df1eed8a1	doc	Heodo
2020-08-12 20:19:18	03da483de66ade2c2ee905123fc6b8c25c12ef9042456251657dc19fd0037741	doc	Heodo
2020-08-12 19:58:42	99587a42037e6883c1b3d9ed477034427499b230aa1d61f823e0771f83d94944	doc	Heodo
2020-08-12 19:38:26	ac4a497f08d9286aff7a72c55589c9c1ee603462e501e24b5354e0dad963cea9	doc	Heodo
2020-08-12 19:00:58	0a2fb529473b1340196d1f0e98caa568208f26a280f1bc09523963eead8b88d0	doc	Heodo
2020-08-12 18:38:24	c194497bd53deae5037d7ffd04e93de9ae4a080daa6a37959aa42207f197a31a	doc	Heodo
2020-08-12 18:16:10	e060a3ea1c14105f1702e8b612d1095bd704a9757c2107e3aacc4ce542cf2af4	doc	Heodo
2020-08-12 16:44:06	87b90453b1edf9bf7ee26ba76b7a73b73be127dd13678ada570fda173417ff98	doc	Heodo
2020-08-12 16:26:15	19a0b43438b15957a52c653d27778c90008ae27821fe97db817356de978f063f	doc	Heodo
2020-08-12 15:55:29	22d5bcf65dec583782e51f67e601a8e90d5deb8ba7cf1fb547feb1915c04961a	doc	Heodo
2020-08-12 14:23:00	47a2b2522e1be4005d5e8741dd1755ba76cafbb6e28f2c8d7bd18247cf17f2c4	doc	Heodo
2020-08-12 14:06:05	b4bf6e6e6eccfbddd61630876d0209894b69e9b122939c029d31b8b8b627d478	doc	Heodo
2020-08-12 13:45:45	c6f429946fcd3e6e755bdcbe2432c36bb06c309e745c2973d5d795fac283e415	doc	Heodo
2020-08-12 13:32:35	ba7e60bff1eee324d5376e7f78a7cf51aa033dcb9c8b814c71cc54cbfc1fb476	doc	Heodo
2020-08-12 12:15:46	9a3e221e7a322b7b9aba32f18fc7ef8751835341d9657cecbb8b53596702b4fb	doc	Heodo
2020-08-12 10:45:16	e94ead4e6b8438aedef07e9e5e01539d442aec9f156f80f4ee23677610ce9d29	doc	Heodo
2020-08-12 10:23:20	ec492f642a8aa6fa2d723853f3406c42a3604e895011181c3589e5794cfd4375	doc	Heodo
2020-08-12 10:01:43	60a6efb013c2184d94c35a3c67310f17cb1cb01d3bc7e081323540c3a44c7bdc	doc	Heodo
2020-08-12 09:33:44	c15363c91a8b99bc22063620a1747a678b17db67321d1b7e850d753f76f56231	doc	Heodo
2020-08-12 09:08:21	50ef5d0b0b7a0a0854a2bcf084cf61dca7c50050f555e23a4d4bf3e23a37a96e	doc	Heodo
2020-08-12 08:33:44	9f7495532d0874059f82a57757803faf785c53c312b19a228ec4755531fa09eb	doc	Heodo
2020-08-12 08:15:11	c5cf72d67d389db548717373f054466733e27034856015726230320261c7186f	doc	Heodo
2020-08-12 07:54:23	bb408e523c77e1a3face26900e50985691a5ac535d97b7d460a2ed79ed616d17	doc	Heodo
2020-08-12 07:31:46	b2638f5a62f9d35d681d04b249fe965504f71fd5e9d9dae777b51fe94e169c3a	doc	Heodo
2020-08-12 06:44:38	7c7837406f4a125ee3a129d23771f32eace788283c06a517f0bdfe7dc4f7036c	doc	Heodo
2020-08-12 06:01:10	e44866ddc3408fab14c87c206e408852253a05de531691d4cb8e1dcd7f37cf72	doc	Heodo
2020-08-12 05:46:21	1f2721d86674c089b606753be49e601afa652cd0daa1af0a19239ca33981af29	doc	Heodo
2020-08-12 05:25:48	fb3cc3350e60d43b553472c75d1c7ec6d97b7a837094ac667dae539d90e627a5	doc	Heodo
2020-08-12 05:10:11	d6ceff199daed77e31636bbce10dd06d27353c4064b10c076028aea4313071c1	doc	Heodo
2020-08-12 04:49:45	9e95cffa8cb342aefdb7f8c1a029adcd48d1304b400d07318215436dd2894341	doc	Heodo
2020-08-12 04:32:08	e5c2116828d317efeac4ff3a7fe2092bae369fbb5265db371d919a3ffa037cef	doc	Heodo
2020-08-12 04:16:44	fadf9dff9ac739df4bfe67bb110d2570b3a8b56ff10d4d0a619ec013819ee896	doc	Heodo
2020-08-12 02:45:33	106b70745b6bbcd2a3b1590f596682076f039f584ccde6df0ca12dab353fb701	doc	Heodo
2020-08-12 02:29:45	6fa74bb52572c68bce1d712b488aea9184f884d85ef22b26492011dc0fbec3a8	doc	Heodo
2020-08-12 00:58:54	7d7ecd381d765e01cbb41e6b0a254b7bc60ebb1d59c3c212286dbb9054e5093d	doc	Heodo
2020-08-12 00:43:41	239b0c4f5e150bac96fff321ed672e0772718018ae715db9d4feb0b59879fbb7	doc	Heodo
2020-08-12 00:31:17	d61bfdfe3cb1c215d30ba7049a17251c36f1029c9d6bca013dd3bbbbcb8d6b64	doc	Heodo
2020-08-11 23:43:08	db2aadedc60eea4a3a77bfbd6c1334cfca2091f721e34c196cde4f47624bcb90	doc	Heodo
2020-08-11 22:56:57	d135bfa839f7aced43217658d78cc59d8c51a7120940e59b3c805612e1b276ee	doc	Heodo
2020-08-11 22:46:57	0241b1ed7a1656dab5d9fe64b7e59fec547126495769ca53d78220090b494889	doc	Heodo
2020-08-11 22:32:16	116d5a4d0b83b31befcc51de658fe9a2a9554ada261572c59be7e4c01a077efd	doc	Heodo
2020-08-11 22:19:32	04eb4b28247dcf99dd7a07b62ab41575834d865c72e083dafd8e6b620a6e23cb	doc	Heodo
2020-08-11 22:02:17	7100d7486bcccf991906541b709fd020c8cf3aebaed5025f37c19ea15924b034	doc	Heodo
2020-08-11 21:46:42	fa8d6cdfd34564d1ee3cf57bf7d6f033ef277f6d88f2e2099c7a314e8095aa3a	doc	Heodo
2020-08-11 20:14:50	13114e608a7cc05973b50935d669f9bb5a135bee36e1f29a47243cdcb3cd7401	doc	Heodo
2020-08-11 19:57:36	dc67e4720accd77c39d460b3209c199a542e2c1e9e673e3645d2924c6a7827d9	doc	Heodo
2020-08-11 19:42:44	9761b08fba6f220e64e7cd463ab0fade7ad359b78431e8272557bd70a7c4e7a3	doc	Heodo
2020-08-11 18:11:56	669795b953f2d46ec362bc03adae579299f4c4a42392c7cbdfef5ab5b54b5ec1	doc	Heodo
2020-08-11 17:53:18	1da87bf7cde42012d6ef60a19e839e43b5cf12ca5942cd31c40cc0ac0e31da49	doc	Heodo